httpd-dev mailing list archives

On 6/8/06, Joe Orton <jorton@redhat.com> wrote:
> Thanks for doing the research, Roy.
Ditto.
> On Wed, Jun 07, 2006 at 02:03:33PM -0700, Roy T. Fielding wrote:
> > Okay, let me put it in a different way. The alternatives are
> >
> > 1) retain the status quo, forbid distributing ssl binaries, and
> > include in our documentation that people in banned countries are not
> > allowed to download httpd 2.x.
>
> This gets my vote. I don't see why it's necessary for the ASF to be in
> the business of distributing binaries; letting other people assume the
> technical and legal responsibilites for doing that seems reasonable.
>
> The documentation work necessary would be greater if mod_ssl is split
> into a separate package, and having mod_ssl in the tree is one of the
> compelling features of 2.x anyway.
Overall, I think forbidding the distribution of the SSL-enabled
binaries is probably the sanest thing technically and legally for us
to do. I understand the arguments about the Win32 folks not having
SSL out of the box, but I don't think that particular advantage
outweighs the social and technical problems with creating two separate
versions of the distributions.
So, +1 to keeping the status quo (always my favorite!). -- justin